Lucene search

K

HackeroneCVELIST:CVE-2017-0900

HistoryAug 31, 2017 - 8:00 p.m.

CVE-2017-0900

2017-08-3120:00:00

hackerone

www.cve.org

7

AI Score

8.2

Confidence

High

EPSS

0.023

Percentile

89.7%

RubyGems version 2.6.12 and earlier is vulnerable to maliciously crafted gem specifications to cause a denial of service attack against RubyGems clients who have issued a query command.

References

blog.rubygems.org/2017/08/27/2.6.13-released.html

www.securityfocus.com/bid/100579

www.securitytracker.com/id/1039249

access.redhat.com/errata/RHSA-2017:3485

access.redhat.com/errata/RHSA-2018:0378

access.redhat.com/errata/RHSA-2018:0583

access.redhat.com/errata/RHSA-2018:0585

github.com/rubygems/rubygems/commit/8a38a4fc24c6591e6c8f43d1fadab6efeb4d6251

hackerone.com/reports/243003

lists.debian.org/debian-lts-announce/2018/07/msg00012.html

security.gentoo.org/glsa/201710-01

www.debian.org/security/2017/dsa-3966

AI Score

8.2

Confidence

High

EPSS

0.023

Percentile

89.7%

Related for CVELIST:CVE-2017-0900

debiancve1 osv6 cve1 github1 hackerone1 redhatcve1 rubygems1 prion1 veracode1 nvd1 alpinelinux1 openvas15 debian4 nessus27 fedora3 gentoo1 ubuntucve2 f51 mageia1 ubuntu1 slackware1 redhat4 amazon2 ibm1 oraclelinux1 centos1